Compliance Dictionary
Definitions of key regulatory and compliance terms used across the docs.
Regulations
| Regulation | Short definition |
|---|---|
| 5AMLD / 6AMLD | EU AML directives. Extended AML/CFT to virtual assets; defined VASPs. Member States transpose into national law. |
| EMD2 | Electronic Money Directive 2 (EU 2009/110/EC). Defines e-money; authorizes EMIs to issue it. |
| FATF | Financial Action Task Force. International AML/CFT standards. 2019 guidance defined VASPs. |
| MiCA | Markets in Crypto-Assets Regulation (EU 2023/1114). EU framework for crypto-assets, ARTs, EMTs, CASPs. |
| PSD2 | Payment Services Directive 2 (EU 2015/2366). Regulates payment services; authorizes PSPs and EMIs. |
| DORA | Digital Operational Resilience Act (EU 2022/2554). ICT risk management, incident reporting, and operational resilience for the EU financial sector. |
5AMLD / 6AMLD
EU Anti-Money Laundering Directives. 5AMLD (2018/843) and 6AMLD (2018/1673) extended AML/CFT rules to virtual assets and defined VASPs. Member States must transpose into national law.
| Term | Definition |
|---|---|
| VASP | Virtual Asset Service Provider. A natural or legal person that conducts one or more of the following on behalf of another: exchange between virtual assets and fiat; transfer of virtual assets; custody/administration of virtual assets; participation in financial services related to virtual assets. Broader scope than CASP; used internationally. See also FATF guidance. |
EMD2
Electronic Money Directive 2 (EU 2009/110/EC). Defines e-money and authorizes EMIs to issue it. MiCA Title IV (EMTs) builds on EMD2: an EMT is the on-chain representation of e-money issued by an EMI.
| Term | Definition |
|---|---|
| EMI | Electronic Money Institution. Licensed under EMD2 to issue e-money. Under MiCA Title IV, EMIs are the only entities that may issue EMTs (e-money tokens). Holds the reserve, mints/burns tokens. |
FATF
Financial Action Task Force. International body that sets AML/CFT standards. FATF’s 2019 Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers first defined VASPs and obliges jurisdictions to regulate them. EU 5AMLD/6AMLD transpose these standards into Union law.
MiCA
Markets in Crypto-Assets Regulation (EU 2023/1114). EU framework for crypto-assets, ARTs, EMTs, and CASPs.
| Term | Definition |
|---|---|
| ART | Asset-Referenced Token. A token that aims to maintain a stable value by referencing another value or right, or a combination thereof (e.g. basket of assets, fiat currencies). Governed by MiCA Title III. Examples: USDC, USDT. Distinguished from EMTs, which reference a single fiat currency. |
| CASP | Crypto-Asset Service Provider. Under MiCA Title V, a legal person whose occupation or business is to provide crypto-asset services to third parties on a professional basis. Includes custody, administration, operation of trading platforms, exchange of crypto-assets for fiat/other crypto-assets, execution of orders, portfolio management, etc. Requires authorization in the EU. |
| EMT | E-Money Token. Under MiCA Title IV, a type of crypto-asset that purports to maintain a stable value by referencing the value of a single fiat currency. A digital representation of e-money under EMD2. Issued by an EMI against safeguarded fiat reserves. Examples: EUR-backed stablecoins issued by licensed EMIs. |
| NCA | National Competent Authority. The regulator in each EU Member State (e.g. BaFin, ACPR) responsible for supervision under MiCA. |
PSD2
Payment Services Directive 2 (EU 2015/2366). Regulates payment services in the EU: execution of payment transactions, issuance of payment instruments, money remittance, account information services, etc. PSPs and EMIs are authorized under PSD2.
| Term | Definition |
|---|---|
| PSP | Payment Service Provider. A legal person authorized to provide payment services (execution of transfers, issuing payment instruments, acquiring, money remittance, account information, etc.). Fintechs and on-ramps often hold PSP licenses. EMIs also provide payment services under PSD2. |
DORA
Digital Operational Resilience Act (EU 2022/2554). Requires EU financial entities (including EMIs, PSPs, CASPs) to manage ICT risk, report major ICT-related incidents, and ensure operational resilience. Regulates ICT third-party providers, including critical providers subject to direct EU oversight.
| Term | Definition |
|---|---|
| ICT risk | Information and Communication Technology risk. Risks to confidentiality, integrity, availability, or authenticity of data and systems. DORA obliges in-scope entities to identify, manage, and mitigate ICT risk. |
| ICT third-party provider | Provider of ICT services to financial entities (e.g. cloud, data centres, software). DORA imposes contractual and oversight requirements; critical ICT third-party providers are designated and supervised directly by EU authorities. |
Other
| Term | Definition |
|---|---|
| AML/CFT | Anti-Money Laundering / Counter-Financing of Terrorism. Framework for detecting and preventing illicit fund flows (laundering of proceeds of crime; financing of terrorism). FATF sets international standards; EU 5AMLD/6AMLD transpose into Union law. |
| UKRC | Unique-Key Recursive Compliance. Our threshold decryption system for lawful disclosure of transaction metadata. k-of-n guardians must approve a warrant before any data is revealed. Enables chain tracing (forward/backward) while preserving privacy for normal users. See Anonymity Revoking. |